Update Siro integration: NABEH_API_KEY, nabeh/ folder paths, /api/siro/ routes

2026-06-17 18:23:29 +03:00
parent e339cf466d
commit 926d8bc4a5
3 changed files with 816 additions and 142 deletions
--- a/backend/public/index.php
+++ b/backend/public/index.php
@@ -160,6 +160,155 @@ $router->post('/api/integrations/woocommerce/disconnect', [\App\Controllers\WooC
 $router->post('/api/webhooks/woocommerce',                [\App\Controllers\WooCommerceController::class, 'webhook']);


+// ============================================
+// Siro Integration API Endpoints
+// ============================================
+
+// Siro Driver Info - Returns real-time driver data to Siro
+$router->post('/api/siro/driver-info', function ($request, $response) {
+    $apiKey = getenv('NABEH_API_KEY');
+    $incomingKey = $request->getHeader('x-api-key') ?? '';
+
+    if (empty($apiKey) || $incomingKey !== $apiKey) {
+        $response->status(401)->json([
+            'status' => 'error',
+            'message' => 'Unauthorized'
+        ]);
+        return;
+    }
+
+    $body = $request->getBody();
+    $phone = $body['phone'] ?? '';
+
+    if (empty($phone)) {
+        $response->status(400)->json([
+            'status' => 'error',
+            'message' => 'Missing phone number'
+        ]);
+        return;
+    }
+
+    // Find driver OCR data
+    $hash = \App\Core\Security::blindIndex($phone);
+    $record = \App\Core\Database::selectOne(
+        "SELECT * FROM driver_ocr_data WHERE phone_hash = ? LIMIT 1",
+        [$hash]
+    );
+
+    $response->json([
+        'status' => 'success',
+        'data' => $record ? \App\Models\DriverOcrData::decryptRecord($record) : null
+    ]);
+});
+
+// Siro Registration Status Check
+$router->get('/api/siro/registration-status', function ($request, $response) {
+    $apiKey = getenv('NABEH_API_KEY');
+    $incomingKey = $request->getHeader('x-api-key') ?? '';
+
+    if (empty($apiKey) || $incomingKey !== $apiKey) {
+        $response->status(401)->json([
+            'status' => 'error',
+            'message' => 'Unauthorized'
+        ]);
+        return;
+    }
+
+    $phone = $request->get('phone') ?? '';
+
+    if (empty($phone)) {
+        $response->status(400)->json([
+            'status' => 'error',
+            'message' => 'Missing phone parameter'
+        ]);
+        return;
+    }
+
+    $hash = \App\Core\Security::blindIndex($phone);
+    $record = \App\Core\Database::selectOne(
+        "SELECT id, name, status, created_at, updated_at FROM driver_ocr_data WHERE phone_hash = ? LIMIT 1",
+        [$hash]
+    );
+
+    if (!$record) {
+        $response->json([
+            'status' => 'success',
+            'data' => null,
+            'message' => 'No registration found for this phone'
+        ]);
+        return;
+    }
+
+    $response->json([
+        'status' => 'success',
+        'data' => $record
+    ]);
+});
+
+// Siro Webhook - Receives driver activation confirmations from Siro
+$router->post('/api/siro/webhook', function ($request, $response) {
+    $apiKey = getenv('NABEH_API_KEY');
+    $incomingKey = $request->getHeader('x-api-key') ?? '';
+
+    if (empty($apiKey) || $incomingKey !== $apiKey) {
+        $response->status(401)->json([
+            'status' => 'error',
+            'message' => 'Unauthorized'
+        ]);
+        return;
+    }
+
+    $body = $request->getBody();
+    $phone = $body['phone'] ?? '';
+    $syroDriverId = $body['driver_id'] ?? '';
+    $event = $body['event'] ?? '';
+    $status = $body['status'] ?? '';
+
+    if (empty($phone) || empty($event)) {
+        $response->status(400)->json([
+            'status' => 'error',
+            'message' => 'Missing required fields: phone, event'
+        ]);
+        return;
+    }
+
+    error_log("[Siro Webhook] Event: {$event}, Phone: {$phone}, DriverID: {$syroDriverId}, Status: {$status}");
+
+    $hash = \App\Core\Security::blindIndex($phone);
+
+    if ($event === 'driver_activated' && $status === 'actives') {
+        \App\Core\Database::execute(
+            "UPDATE driver_ocr_data SET status = 'registered', syro_driver_id = ? WHERE phone_hash = ?",
+            [$syroDriverId, $hash]
+        );
+
+        $response->json([
+            'status' => 'success',
+            'message' => 'Driver status updated'
+        ]);
+        return;
+    }
+
+    if ($event === 'driver_rejected') {
+        \App\Core\Database::execute(
+            "UPDATE driver_ocr_data SET status = 'rejected' WHERE phone_hash = ?",
+            [$hash]
+        );
+
+        $response->json([
+            'status' => 'success',
+            'message' => 'Driver rejected'
+        ]);
+        return;
+    }
+
+    $response->json([
+        'status' => 'success',
+        'message' => 'Event received'
+    ]);
+});
+
+
 // Mock External API for Entaleq Driver Info (Used to fetch real-time driver data)
 $router->post('/api/external/driver-info', function ($request, $response) {
    $body = $request->getBody();